From ca6e07fa5a4112a968891e3331a771fea7cebd4d Mon Sep 17 00:00:00 2001
From: Roland Haeder <roland@mxchange.org>
Date: Fri, 17 Apr 2015 20:50:53 +0200
Subject: [PATCH] Added checks for 'command' and 'form' and check if CAPTCHA is
enabled.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Signed-off-by: Roland Häder <roland@mxchange.org>
---
...ass_GraphicalCodeCaptchaVerifierFilter.php | 23 +++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php b/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
index dc6e19b5..5dc0f575 100644
--- a/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
+++ b/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
@@ -54,6 +54,29 @@ class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterabl
* @throws FilterChainException If this filter fails to operate
*/
public function execute (Requestable $requestInstance, Responseable $responseInstance) {
+ // Is the form set?
+ if (($requestInstance->getRequestElement('command') !== 'do_form') || (!$requestInstance->isRequestElementSet('form'))) {
+ // Required field not set
+ $requestInstance->requestIsValid(FALSE);
+
+ // Add fatal message
+ $responseInstance->addFatalMessage('command_form_invalid');
+
+ // Skip further processing
+ throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
+ } // END - if
+
+ // Create config entry
+ $configKey = sprintf('%s_captcha_secured',
+ $requestInstance->getRequestElement('form')
+ );
+
+ // Is the CAPTCHA enabled?
+ if ($this->getConfigInstance()->getConfigEntry($configKey) != 'Y') {
+ // Not enabled, so don't check
+ return;
+ } // END - if
+
// Get the captcha code
$captchaCode = $requestInstance->getRequestElement('c_code');
--
2.39.5